Comment by Jenda_
2 years ago
The Hetzner one is a physical server. You would need to stage a "power outage" and backdoor it, which is probably not that easy - e.g. planting a kernel module which survives kernel upgrades and is pretty advanced at hiding itself (the article talks about analyzing raw memory dump).
If it was big brother, obtaining a customised EUFI or ilo/drac/ipmi firmware for the hardware doesn't seem like a stretch.
It only takes access to a DMA-enabled bus (e.g. PCIe) though, to siphon memory contents.
And I bet PCIe is a whole lot more hotpluggable than you're officially told.